2018 Phishing Trends & Intelligence Report: The Shift to Enterprise

Like years past, phishing continues to be an evolving threat. What once was a simple attack that would hit everyone from your neighbors to your colleagues’ inboxes has since expanded to different medians and tactics growing in sophistication.

In this year’s Phishing Trends & Intelligence report (PTI), PhishLabs has observed a new shift in not only how, but who threat actors are targeting.


In 2017 the most significant shift is in the transition from targeting individual consumers to enterprise-focused attacks. Threat actors are targeting enterprises by impersonating the services that enterprises rely on every day, such as email service providers and software as a service (SaaS) platforms. This shift to enterprise is alarming and indicates a change in threat actor motivations. Threat actors can use stolen credentials to pursue many different aims and all of which pose significant risk to victim companies. Credentials can be used to steal data, access corporate systems, or they can be packaged up and sold to the highest bidder.

In addition to enterprise targets receiving more heat, we’ve observed continued attacks on the financial industry, social media and mobile as heavier medians, and bold new tactics that take advantage of how much people trust newer technology.

Key Findings

DevOps Unbound Podcast
  • Industry shift shows signs of threat actors switching from primarily targeting individuals to targeting organizations.
  • Email and online services (26% of all attacks) overtook financial institutions (21%) as the top phishing target.
  • Nearly one-third of all phishing sites observed by the end of 2017 were located on HTTPS domains, up from only five percent at the end of 2016.
  • Attacks targeting SaaS exploded with more than 237 percent growth.
  • Attacks targeting social media platforms have nearly tripled since last year due to the inherent trust between users and the platform or brand.
  • The ransomware landscape is maturing and is no longer experiencing exponential growth of new threat families.
  • Mobile malware continues to rise, and new techniques take advantage of the increased use and security shortcomings of mobile devices.
  • The share of attacks against targets in the United States continues to grow, now accounting for more than 86 percent (up from 81% last year) of all phishing attacks.
  • Some countries that saw significant increases in phishing activity in 2016, such as Canada, France, and Italy, experienced substantial decreases in phishing volume in 2017.

To be among the first to gain access to the report, pre-register for it here. You can also register for the upcoming webinar set for April 26, 2018, where our Director of Threat Intelligence, Crane Hassold, will discuss why there is a shift from consumers to the enterprise.

*** This is a Security Bloggers Network syndicated blog from The PhishLabs Blog authored by Elliot Volkman. Read the original post at:

Integrated Security Data PulseMeter

Step 1 of 7

What percentage of your organization’s security data is integrated into a SIEM or data repository you manage? (Select one)(Required)